Hotels & Resorts Remain a Major Target for Cybercriminals in 2021

Global businesses have been on high alert from data breaches ever since the COVID19 pandemic started. The increase in the number of remote workers and digital services (touchless payments, mobile apps, and touch screens, etc.) has also heightened the security concerns for businesses deploying them. 

Cybersecurity magazine ThreatPost quote a BitDefender research in their recent blog:

“As more and more people adhere to the work-from-home schedule imposed by the coronavirus pandemic, employees will take cybersecurity shortcuts for convenience,” 

“Insufficiently secured personal devices and home routers, transfer of sensitive information over unsecured or unsanctioned channels (such as instant messaging apps, personal e-mail addresses, and cloud-based document processors) will play a key role in data breaches and leaks.”

Singapore based technology consultancy and research provider, AnalysysMason, predict in a recent report that “mobile device security will be the fastest-growing cyber-security category of all, attaining a 17% CAGR between 2019 and 2025, reaching $13 billion.” 

Hotels are easily susceptible targets for cybercriminals and carry a treasure trove of guest data and personal information that hackers want. Hospitality businesses have reported a series of cyber breaches including card data theft, room key hijacking, and WIFI breaches throughout the last decade. 

Hoteliers are already accelerating digitization and contactless services in 2021, making room for safer guest experiences without unnecessary staff interactions. The influx of these technologies requires a professional approach to hotel cybersecurity. 

The US hospitality industry already understands the severity of a data breach. Popular franchises including Marriott, Hilton, and many others have fallen prey to cybercriminals in the past decade. The Marriott data breach, possibly one of the longest-running ones in history, was settled after a $120 million lawsuit. 

It is critical to mention hotels, resorts, and other lodging businesses that offer digital services and use automation to deliver services require professional technology management in 2021. The complex nature of technologies, their security frameworks, and interoperability requires a professional technology manager to constantly monitor performance. 

Hotels are already faced with serious challenges like using legacy PMS that have limited or weaker security features. It, therefore, requires professionally managed expertise to ensure every technology action surface in the hotel is secure, compliant, and patched for vulnerabilities.  

Hotels are now offering a diverse number of guest service and operation technologies due to increased safety and hygiene laws. Mobile apps, robots, contactless BLE room keys, tablets, and many other back-end technologies make up the hospitality ecosystem today. Hospitality technology providers are well versed with cybersecurity threats and insights to provide a clearer picture to hotel operators. 

It is crucial that hotel operators are proactive with their technology cybersecurity and user privacy. In a recent article, Steve Oates Director of SAVIT Group – Cybersecurity & IT Co., comments that: 

“A breach will erode the confidence in your brand,”… “Depending on the level of the attack and the extent of the news coverage, your brand can be permanently damaged. After an attack, even if you put the necessary safeguards in place, customers might never know about them. People are willing to forgive a business for being a victim of a crime, but they are less likely to forgive a business for being negligent toward them.”

The idea from Oates in his LinkedIn article is that hotels have to be prepared. In the case of hospitality, both technology and staff must be prepared. IBM established in a 2018 report that human error is the highest contributing factor leading to data breaches. Hotel staff must have a basic understanding of cybersecurity essentials and the right contingency plan in case of a breach. 

In 2021, hotels and lodging businesses will have to go through massive technology evolution. From creating a more desirable guest experience to securing guest data, hotel operators will need to speed their investment in cybersecurity and technology management services. 

Hospitality technology management providers today recommend conducting professional technology gap assessments in hotels to ensure robust cybersecurity. A technology gap assessment is a direct way to identify technology vulnerabilities, legacy systems, non-compliant IT assets, and threatening staff practices in hotels. 

The FTC and the PCI council have already alerted hotels and lodging businesses to establish more strict cybersecurity policies to protect guests and their data. The FBI in early 2020 alerted all US businesses to take strict precautions in light of increased cybercrime with the COVID19 pandemic worsening. 


As we roll into 2021, AHT Inc. is actively assisting hotel operators to deploy more rigorous cybersecurity tools and practices. Our certified professionals persevere every day to ensure our customers and their guests are secured when at the hotel. 

Get in touch with our team to know more about our exclusive cybersecurity services and technology management suite. Remember to visit us again for more insights